Troubleshooting guide
1-34
Cisco Wide Area Application Services Configuration Guide
OL-26579-01
Chapter 1 Configuring Application Acceleration
Enabling and Disabling the Global Optimization Features
b. To import existing certificate or certificate chain and private key, perform one of the following:
• Upload certificate and key in PKCS#12 format (also as Microsoft PFX format)
• Upload certificate and private key in PEM format
• Paste certificate and private key PEM content
If the certificate and private key are already configured, you can update the certificate only. In this
case, the Central Manager constructs the certificate and private key pair using the imported
certificate and current private key. This functionality can be used to update an existing self-signed
certificate to one signed by the Certificate Authority, or to update an expiring certificate.
The Central Manager allows importing a certificate chain consisting of an end certificate that must
be specified first, a chain of intermediate CA certificates that sign the end certificate or intermediate
CA certificate, and end with a root CA.
The Central Manager validates the chain and rejects it if the validity date of the CA certificate is
expired, or the signing order of certificates in the chain is not consequent.
c. Enter a pass-phrase to decrypt the private key, or leave this field empty if the private key is not
encrypted.
Step 3 To export a configured certificate and private key (see Figure 1-19), follow these steps:
Figure 1-19 Export Certificate and Key
a.
Enter the encryption pass-phrase.
b. Export current certificate and private key in either PKCS#12 or PEM formats. In case of PEM format
both certificate and private key are included in single PEM file.
Note Central Manager will not allow exporting certificate and private key if the certificate and key
were marked as non-exportable when they were generated or imported.
Step 4 To generate a certificate signing request from a current certificate and private key (see Figure 1-20),
follow these steps: